March 23, 2003 at 7:36 am
newbie;
Please help. I am creating a vb app connecting to MSDE 2000 using ADO.
My problem is that sensitive data is stored in multiple tables i.e. Cost Prices. I want to be able to hide sensitive data from certain usrs but display to others that have the required security level (i.e security levels 0 to 9)
How do I set/check a filter for columns based on this security level?
thanks in advance.
Steve.
March 23, 2003 at 9:58 am
Have a lot of options. You can employ true column level security within SQL (not my favorite), use views, or simpler to me - handle the security within the application based on who is logged in.
Andy
March 23, 2003 at 11:14 am
You could also set up roles that mimic the 0-9 security levels you mentioned and use the IS_MEMBER in your T-SQL or app to verify group membership. I agree with andy about using column level security, It quickly becomes a bear to manage, and ends up causing more problems than it solves more often than not.
Tim C.
//Will write code for food
Tim C //Will code for food
March 23, 2003 at 11:38 am
Setting up true column level security, or possibly using views, is still the only way if you really need to deny unauthorised users of the actual database, not some app using it, access to those columns. I would probably also set up roles (0-9), then add my users to these roles and set up column level permissions for those roles. Imho, administering permissions is mauch easier than overviewing tons of procs with built-in security checks in T-SQL.
--
Chris Hedgate @ Apptus Technologies (http://www.apptus.se)
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply